Overview

overview

10

Static

static

7

53c83969ab...b0.exe

windows7-x64

10

53c83969ab...b0.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    53c83969ab7b6714be89029030823db0.exe

  • Size

    836KB

  • Sample

    240111-y5wzjagfc5

  • MD5

    53c83969ab7b6714be89029030823db0

  • SHA1

    a7ac182f25b13b768bae2d896ee64ffc655373b6

  • SHA256

    c8f4b0a7405c3aab922288abe6eb4c48ef5e61f4bd9fa60b300b95a3329338f4

  • SHA512

    abcdfa5285e1d2657e6f194a2653231fb414e167d42559f0a7f71cb397eb4948c7665a724e1dc2f2add9f0965042bdfaa21d90225147fbb9564e046573377f82

  • SSDEEP

    24576:/WkfHcLVs74ECI3BmVq4l1KUuub0m1ByvKwWIeJs15aQ:/v8LVE4PIcl1KUkmDyvUpJSMQ

Score
10/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      53c83969ab7b6714be89029030823db0.exe

    • Size

      836KB

    • MD5

      53c83969ab7b6714be89029030823db0

    • SHA1

      a7ac182f25b13b768bae2d896ee64ffc655373b6

    • SHA256

      c8f4b0a7405c3aab922288abe6eb4c48ef5e61f4bd9fa60b300b95a3329338f4

    • SHA512

      abcdfa5285e1d2657e6f194a2653231fb414e167d42559f0a7f71cb397eb4948c7665a724e1dc2f2add9f0965042bdfaa21d90225147fbb9564e046573377f82

    • SSDEEP

      24576:/WkfHcLVs74ECI3BmVq4l1KUuub0m1ByvKwWIeJs15aQ:/v8LVE4PIcl1KUkmDyvUpJSMQ

    Score
    10/10
    evasionthemidatrojan

    • UAC bypass

      evasiontrojan

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks